package com.gcc.securityform.service;

import com.gcc.securityform.repository.UserRepository;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Service;

@Service
public class UserServiceImpl implements UserService {

    @Autowired
    private UserRepository userRepository;

    // 【关键】在 Service 实现类的方法上添加安全注解
    // 即使 Controller 忘记添加，这里的注解也能提供保护
    @PreAuthorize("hasRole('ADMIN')")
    @Override
    public void deleteUser(Long userId) {
        userRepository.deleteById(userId);
        System.out.println("User with ID " + userId + " has been deleted.");
    }
}
